Process and device for value added service access control

ABSTRACT

This application concerns a process for controlling access by a user ( 7 ) to a value added service (VAS) ( 5 ) received via receiver device ( 2 ), designed for connection to a device ( 3 ) for transmission of said VAS via network ( 4 ). Receiver device ( 2 ) receives said VAS ( 5 ) from transmitter device ( 3 ) in partially enciphered form. Said VAS is transmitted by said transmitter device without any request from user ( 7 ). Receiver device ( 2 ) receives said VAS ( 5 ) from transmitter device ( 3 ) in partially enciphered form. This application also applies to the system for implementation of said process.

BACKGROUND OF THE INVENTION

1. Field of the Invention

The invention concerns a process and device for controlling user accessto value added services, in particular in the context of mobiletelephony or Internet type data packet communication networks.

2. Description of the Related Art

A value added service hereinafter referred to as VAS, is a service forwhich a charge is frequently made, provided in addition to the servicesoffered by the intermediate medium on which it is distributed. In thecontext of mobile telephony, the medium is a mobile telephone station. AVAS can be a game, an Internet page interrogation service or thepurchase of goods (books, on-line music, etc.) for example. In thecontext of Internet, the medium is a microcomputer equipped with abrowser. VAS examples include interrogation of magazines and softwareupdating.

In the context of mobile telephony, the invention applies to GPRS(General Packet Radio Services), EDGE (Enhanced Data rate for GSMEvolution), UMTS (Universal Mobile Telephone Standard), CDMA 95 and 2000(Code Division Multiple Access), WCDMA (Wideband CDMA), 3GPP (ThirdGeneration Partnership Program), 3GPP2 (North American version of 3GPP)and other cellular communications networks.

A known current solution for the distribution of value added services inthis context is the Internet mobile telephone browser for example.

A number of problems are encountered in connection with access tocharged value added services on packet type cellular radiocommunicationsnetworks.

To access a VAS, the user must first locate the service. This type ofprocedure is frequently long, complex and can be unsuccessful if theinformation available to the user is insufficient. The time required tofind the VAS can be billed to the user where access is not free. Theuser must then access the VAS in question. The user generally attemptsto access the service when the network is in most intensive use. Accessis consequently lengthy and difficult. The user may even fail to accessthe services targeted if the telephone network is interrupted. Access toa VAS is consequently costly in terms of both time and money, and userstend to make little call on mobile telephone VAS services.

Moreover, when receiving the VAS, the user has to pay to execute it. Hecan not know how the VAS works, what the VAS contains, what itsfunctions are, how it is . . . except if he purchases said VAS.

As regards Internet, a solution for restricting access to a sitedistributing charged information in widespread use involves controllingaccess to the site by means of an individual password assigned to eachuser. However, this method is cumbersome and costly. It must involve anaccess control system which is sufficiently powerful to escapefraudulent misuse, and an associated centralised user entitlementmanagement system. Users have to memorise a number of passwords if theyaccess several sites of this type. Likewise, users must disclose theiridentity when paying by bank card for the VAS which they wish to access.However, the user may wish to remain anonymous.

In this context, one purpose of this invention is the proposal of aprocess and device for rapid, easy access to value added services viamobile telephones.

Another purpose of this invention is to propose a process and deviceenabling an Internet user to avoid the need for memorising passwords toaccess chargeable information and remain anonymous during said access,and to provide for the creation and simplified maintenance of chargedaccess sites while enhancing the protection of said sites.

SUMMARY OF THE INVENTION

In this context, this invention proposes a process for a user to accessto a quantifiable data set received via a receiver device, designed forconnection to a transmitter device for said data set via a network,characterised in that said data set is transmitted by said transmitterdevice without any request from user.

This invention also concerns a system for implementing said process, inparticular in the domain of packet type communications networks andmobile telephony.

BRIEF DESCRIPTION OF THE DRAWINGS

Other characteristics and advantages of the invention will becomeapparent from the following description, provided as an illustrative andnon-limitative example of the invention, referring to the appendeddrawings where:

FIG. 1 is a schematic view of one practical form of the system accordingto the invention, in a mobile telephony context;

FIG. 2 is a diagram illustrating the principal steps of a practical formof the implementation process for the system according to FIG. 1;

FIG. 3 is a schematic view of a practical form of the system accordingto the invention in an Internet context.

DESCRIPTION OF THE INVENTION

The invention applies, although not exclusively, to GPRS standard mobiletelephone stations. It should be understood however that the inventionshould not be limited to this single application. Applications can befound, in particular, in connection with other standards such as thoseindicated above. The invention can also be applied in domains other thanthat of mobile telephony, including for example that of packet type datacommunication networks such as Internet and others.

The invention is described and illustrated below in a first practicalform in context of the GPRS network (FIGS. 1 and 2), and a secondpractical form in the context of the Internet network (FIG. 3).

The first practical form of this system according to the invention,illustrated in FIGS. 1 and 2, is an application in the mobile telephonydomain. System 1 comprises receiver devices 2, namely in the exampleillustrated, mobile telephone station 2, and transmitter devices 3,namely in the example illustrated service provider 3. Station 2 andprovider 3 are connected via a GPRS network 4.

Provider 3 transmits data, and more particular value added services 5,hereinafter referred to as VAS, to station 2. The VAS provided byservice provider 3 is transmitted on networks managed by an operator.Transmission of the VAS can be billed by the operator, the amountdepending on the number of bytes transmitted and consequently thequality of the service. On the other hand, the number of bytes is oflittle relevance for billing the VAS by the service provider. The priceof a VAS is the price which customers are ready to pay to obtain theservice.

Station 2 belongs to and is used by user 7. Mobile telephone station 2comprises mobile telephone 8 and SIM card 9.

SIM card 9 is a smart card incorporating information processing andstorage devices, and a functional module referred to as a SubscriberIdentity Module (SIM). The SIM card stores a quantity of data relatingto the telephone subscription proper (name of the operator(s) with whichthe subscription(s) has or have been taken out, type of subscription,subscription identification data, etc.), and also on-board applications.In the particular practical form illustrated in FIG. 1, SIM card 9incorporates deciphering module 10 enabling said card to deciphermessages received by the SIM card. It also incorporates a verificationmodule 11, containing a deciphering verification mechanism such as achecksum. Card 9 incorporates a module 12 containing the financialentitlements of user 7: module 12 can be an electronic purse forexample, which can be replenished by means of a bank or other cardinserted in an auxiliary reader of telephone 8, or via a secure linewith a financial entity capable of downloading a certain sum of money tosaid electronic purse. Module 12 can also take the form of an adder ofamounts consumed by card 9, and billed by period. In another example,module 12 comprises a preloaded counter which is then decrementedaccording to the consumption of user 7. Card 9 incorporates module 13for synchronisation of payment for a VAS and deciphering of thisservice.

In the following description, the term subscriber card is used toindicate a card providing the functions of an SIM card presented above.A subscriber card can consequently also be a USIM card. It should benoted that modules 10, 11, 12 and/or 13 can be integrated in telephone8, or in another unit such a machine capable of communicating withtelephone 8. The term machine corresponds to a very broad conceptualunit, combining hardware and software (computer, smart card, etc.).

The process for controlling access to VAS 5 transmitted to station 2 viaGPRS network 4 is illustrated in FIGS. 1 and 2, and is executed asfollows.

In a first step, service provider 3 takes advantage of an off-peakperiod of during the day or at night, during which the network isunderemployed, to transmit a VAS 5 to one or more mobile telephonestations 2. In this way, user 7 does not have to connect and pay for thetime required to find said VAS. The VAS is transmitted by provider 3without the user having to take any action. Transmission of the VAS isbilled to provider 3 in whatsoever manner and not to the user. Theprovider downloads said VAS to station 2 without the user beinginformed. As the suppler uses off-peak periods to transmit VAS services,the rate for transmission of these services can be negotiated with theoperator, so that this special utilisation improves amortisation of itsnetwork. Furthermore, as the network is underemployed, the provider iscertain that the VAS is transmitted rapidly to target stations 2.

Taking an illustrative example, provider 3 is a music distributor. A newsong is published, and the provider wishes to distribute the song forthe purpose of advertising and selling the song. According to theinvention, the provider communicates the song to a given number of users7 or all stations 2 able to intercept it, during off-peak hours.

Provider 3 transmits VAS 5 in a protected mode so that the user cannotuse the service on its reception by station 2. The user cannot use VAS 5as long as access to the service is protected.

Advantageously, provider 3 transmits additional data 15 in addition toVAS 5. Additional data 15 comprise indications for card 9 or telephone 8for transmitting the deciphering key and/or information for calculationof this key, reading the protected VAS and indicating the price of thedeciphering key, and allow its authentication. Additional data 15 are asfollows in particular:

-   -   format in which the data are transmitted, for example XML        (Extensible Markup Language), BER (Basic Encoding Rule) or DER        (Distinguished Encoding Rule) format;    -   or the deciphering key protected by a key known to card 9,        information enabling card 9 to calculate the deciphering key, or        a combination of the two;    -   signed price of the deciphering key;    -   certificate for verification of the price signature.

In this way it is not necessary for the data format to be known to thecard or telephone.

According to the practical form illustrated in FIG. 1, VAS 5 isprotected by enciphering. Provider 3 enciphers part or all of the VASbefore it is transmitted. The provider in the example illustratedenciphers the most important data of the VAS. With the data enciphered,user 7 cannot access VAS 5 transmitted. Enciphering is performed using acryptographic process. Deciphering requires possession of a device fordeciphering the VAS, namely a key or equivalent device, hereinafterreferred to as the deciphering key. Without the key, the user cannotdecipher the VAS.

In the example concerning a music distributor, the distributor partlyenciphers the song so that the user can listen to part for advertisingpurposes, but cannot listen to the complete song without paying.

A VAS transmitted comprises a single block, or a block which can bebroken down into a number of separate parts. Each part of the VAS isprotected separately, and certain parts can be left unprotected. If partof the VAS is not protected, it can be accessed directly by the stationwithout the need for a key.

According to another specific form, the VAS comprises a number ofindependent parts. For example, the VAS comprises multimedia data, suchas photos, videos and music. This type of data can be segmented,providing separate access to one part or another. Photos are displayedone after the other, pieces of music listened to separately, and videosmade up of a number of sections.

According to another advantageous practical form, VAS 5 transmitted byprovider 3 comprises a number of parts arranged in such a way that eachpart contains the following elements: the first part contains thesecond, the second contains the third, etc. In this way, the priceincreases according to the level of service desired by the user. Asindicated above for example, the first part can be freely accessiblewithout the need to purchase a key. The next part comprises ademonstration of the VAS, designed to encourage the user to purchase thecomplete VAS. The second part of the VAS is charged, but costs less thanthe third part as being of lesser interest. By purchasing the thirdpart, the user obtains access to the first, second and third parts ofthe VAS. Purchase of a key to access part of the VAS provides access toall the other parts containing the VAS.

In a second step (FIGS. 1 and 2), VAS 5 is received by station 2 inpartially or fully enciphered form. Telephone 8 or card 9 informs theuser of reception and the purpose of a VAS, on the mobile telephonescreen. If the VAS is partially enciphered, telephone 8 or card 9proposes execution of the uncoded part to the user for demonstrationpurposes (to show how the VAS is working without being able to use it),for presentation purposes (to inform the user on its content andfunctions, as for example a table of contents of a newspaper), forshowing an extract or for other purposes. In the example of the musicdistributor, telephone 8 or card 9 invites the user to listen to part ofa song, the title, singer and release date of which are indicated. Theprovider decides what information to provide for the user. It allows theuser to have an idea (a demonstration, a presentation, an extract orelse) of the VAS before purchasing it.

If the user decides to access the VAS received, he must purchase anappropriate deciphering key. The price of the key corresponds to theprice of the VAS. The price of the key can also include other expensesas will be seen below. The price can be indicated, signed, in data 15 asindicated above. Card 9 verifies the signature and extracts the price.Card 9 can also request the price from a given entity of network 4. Theprice and certificate are then not included in data 15.

Protection of said parts is obtained either by means of a single key, orby a number of keys with a different key per part for example.

According to a first practical form of the deciphering key, there is onekey or a set of single keys per user or group of users, enciphering ofthe VAS differing according to said key or said set of keys. Each useror group of users has their own key, which differs from the decipheringkeys of the other users. Thus the same VAS is transmitted in a number ofdifferent forms corresponding to the number of users or user groups.Users in the same group receive the same data set representing theenciphered VAS, using a key or set of identical keys for the completegroup.

According to a second practical form of the key, one key or one set ofkeys is provided for all users wishing to access the VAS. The encipheredVAS is identical irrespective of the user to which it is transmitted.

According to a third practical form, in which the VAS comprises a set ofparts having a logical link between the parts (such as a video sequenceof one hour sub-divided into two-minute sections, the sections beingchained logically), each part is enciphered with a different key.Enciphering of a VAS requires a set of keys.

This third practical form is applicable to a VAS comprising a set ofparts so arranged that each part contains the other parts (as describedabove). A different key is provided for each of said parts. A differentprice is associated with each key. In this way and as indicated above,the price of the required data varies according to their level, andcorresponds to the price of the key used to decipher said data.

To avoid the need for a set of keys, the invention proposes thederivation of a given key into a number of different keys, so as to havethe same number of keys as the number of sections. The keys are deducedfrom one and the same key, and are also deduced from each other. Thus,by deriving given key Kn, a first key with order Kn-1 is obtained. Byderiving key Kn- 1, a key with order Kn-2 is obtained. The three keyscan then be used to decipher a three-section VAS. Keys with order n-1and n-2 are obtained from a single key Kn. The key with order n-2 isobtained from the key with order n-1.

Likewise, a key with a given order is used to calculate all keys oflower order, and consequently to decipher all lower order sections(namely all sections to be viewed before the section with the order inquestion). A key with a given order can therefore be used, in the caseof a video sequence, to view the sequence up to the section of saidorder, said section included. On the other hand, the key of said ordercannot be used to calculate keys of higher order, or to deciphersections to be viewed later in the sequence.

The derivation process is transmitted in additional data 15.

According to a special practical form, deciphering and purchase of thekey are made indissociable by means of card 9. Card 9 obtains thedeciphering key from data 15 received, and only allows deciphering ofthe VAS with said key after verification of user payment. The VAS canonly be deciphered when payment for said key has been made.

Payment by the user of the VAS of the key price indicated in data 15 orcommunicated by a given entity, is performed in various known ways,on-line or off-line (immediate or deferred). According to a firstexample of immediate off-line payment, card 9 has an electronic purse12. If the user wishes to access the Reporting income statement ASreceived, he indicates this to card 9 by pressing a corresponding key onthe keyboard of telephone 8. Card 9 withdraws the amount required forpurchase of the key in question from the electronic purse. User 9replenishes said purse either using a bank or other card inserted in anauxiliary reader of telephone 8, or using a secure link with a financialentity able to download a certain sum of money to said electronic purse.According to a second example of immediate on-line payment, said sumrequired is debited to a user account with the operator or a financialentity. The debit operation is transmitted via a secure link to thecorresponding party. According to a third example of deferred on-linepayment, said requisite sum is recorded by an adder on the card. Theadder sums the amounts spent by station 2 and stores the total. Thetotal is debited to an account via a secure line at a later date.

If the user pays the provider on line, the operator must also be paidfor transmission of payment data (in addition to transmission of theVAS). In addition, if execution of the VAS requires access to thetelephone network, the operator must also be paid for utilisation of thenetwork by the VAS. The price of the key, according to a specificpractical form, is the sum of the price of the VAS proper plus variousexpenses such as transmission of the VAS to station 2 (if the userrequests access to the VAS), transmission of payment data (in the caseof on-line payment), utilisation of the network for execution of theVAS, etc. In the case of multimedia data, the charge can vary accordingto the quality of service desired by the user. For example, a photo canbe displayed in various formats (mini, telephone screen size, giant sizefor storage by a computer). Agreements are established between operatorand access provider in regard to billing said user. Numerouspossibilities are available but are not examined in connection with thisapplication. According to an agreement example, the provider concludesan agreement with the operator under the terms of which transmission ofthe VAS, the VAS proper, transmission of VAS payment and all otherexpenses are paid by the user to the operator. The operator undertakesto pay the corresponding sum to VAS provider 3.

When the payment is made or accounted, card 9 deciphers the VAS. Anumber of deciphering solutions are possible, including the following inparticular.

According to a first solution, additional data 15 include informationenabling the cryptographic module of card 9 (or telephone 8) tocalculate a VAS deciphering key. The module calculates the key,deciphers the VAS using the key calculated, and executes the VAS.

According to a second solution, the cryptographic module contains anintermediate key K2, used to decipher another key K1 (deciphering key)transmitted in data 15. The module deciphers deciphering key K1 receivedusing intermediate key K2 at its disposal. Card 9 then deciphers VAS 5using deciphering key K1 received and deciphered by K2.

The VAS can also be deciphered by the mobile telephone, which receivesthe deciphering key from card 9.

The keys or key calculation information transmitted to station 2 for thesolutions described above, can be received from an entity other thanprovider 3 and subsequent to transmission of VAS 5.

As has already been seen in the example illustrated in FIG. 1, card 9contains the deciphering key and payment mechanism for said key, andonly makes the key accessible when user payment has been made.

Other options are available. If station 2 is a twin card readertelephone, the card 9 containing the key and/or payment mechanism is acard inserted in the auxiliary reader of station 2.

Likewise the key and/or payment mechanism can also be held by telephone8. For example, the key can be stored in the card and the cryptographicmodule (deciphering module) in telephone 8.

When deciphering has been completed, module 11 in the card or telephoneverifies the deciphering operation.

For operational purposes, mechanism 13 is provided for synchronisationof payment and delivery of the key. It should be noted that purchase ofthe key can occur before, during or after reception of the VAS.

As is demonstrated by the second practical form of the system accordingto the invention in an Internet context, as illustrated in FIG. 3, thesystem includes a receiver device, namely machine 16. The system alsoincludes transmitter device 3, this being an Internet access provider,and more precisely server 3 in the example illustrated. Server 3 andmachine 16 are interconnected by a packet type data communicationnetwork 17 such as Internet.

Machine 16 is used by user 7, and incorporates browser 18 for display ofpages 19 communicated by server 3. Reader 20 for smart card 21 isconnected to machine 16.

The VAS access control process transmitted by machine 16 via Internetnetwork 17 and illustrated in FIG. 3 is executed as follows. XXXXXX

The process involves leaving free access to enciphered Internet pages19. No password is required to access a given page. However, if the pageinvolves charged access, it is enciphered and consequently unusable bythe user having downloaded the page.

According to a second step, access provider 3 for a page, and moreprecisely server 3 for the page concerned, transmits said page tomachine 16 in enciphered form. All the mobile telephone applicationprinciples described above are also valid for the Internet application,including the following principles in particular. Machine user 7 cannotinterrogate pages received from the server until the deciphering key forsaid pages has been purchased.

The user pays for the key with smart card 21 which is inserted in reader20. According to the practical form of the process whereby the purchaseof a key and the deciphering function are made indissociable, the cardincorporates a cryptographic module 10 which is used to decipher saidpages only when payment has been made by the user using mechanism 12incorporated in said card (electronic purse, adder, counter, secure linecommunication module, etc.), whether payment is immediate or deferred.Module 11 verifies deciphering.

According to a variant, card 21 stores the deciphering card(s).Deciphering is performed using the key or keys stored by the machine. Acard only transmits the key or keys to the machine when payment has beenmade.

The payment mechanism, cryptographic module and verification module canalso be integrated in machine 16 or any other element.

This application concerns a process for controlling access by a user 7to a quantifiable data set 5, 19 received via a receiver device 2, 16,connected to device 3 transmitting said data set via network 4, 17,characterised in that receiver device 2, 16 receives said data set 5, 19from transmitter device 3 in a partially enciphered form, and that saidreceiver device 2, 16 deciphers said data set by means of a decipheringkey which it must purchase.

The deciphering function and purchase of the key are made indissociableby means of a smart card used by the receiver device; so as to allowdeciphering of said data set only when payment for said key has beenmade.

Purchase and acquisition of the key are dissociated from reception ofsaid data set.

Said data set received is segmented into a number of parts, each partbeing encipherable independently from the others, with certain parts notnecessarily enciphered. According to a particular practical form, saiddata set comprises a number of parts arranged so that each part containsthe following parts.

According to a first variant, one key or a set of unique keys for eachuser or user group of said data set is provided, deciphering of saiddata set differing according to said key.

According to a second variant, a single key or single set of keys isprovided for all users wishing to access said data set.

Said data set is transmitted by said transmitter device during anoff-peak period of network 4, and without any request from user 7.

Said data set contains at least following additional data 15:

-   -   data transmission format such as XML (Extensible Markup        Language), BER (Basic Encoding Rule), or DER (Distinguished        Encoding Rule) format for example;    -   deciphering key protected by a key known to card 9, information        enabling card 9 to calculate the deciphering key, or a        combination of the two;    -   signed price of the deciphering key;    -   certificate for verification of the price signature;    -   deciphering key derivation process.

The deciphering key is obtained from information received by thereceiver device for calculation of said key, or by deciphering aprotected deciphering key received by the receiving device, by anintermediate key held by said receiver device.

This application also concerns an on-board system designed forinstallation in a mobile telephone station 2, comprising data processingand storage devices, characterised in that the system incorporatesdevices by means of which a deciphering key for a quantifiable protecteddata set received by station 2 is only delivered when the user of saidstation has paid for said deciphering key.

This application concerns a mobile telephone incorporating an on-boardsystem reader, designed to receive an on-board system 9 comprisinginformation processing and storage devices, characterised in that itincorporates a device for deciphering a quantifiable protected data setreceived by the telephone by means of a deciphering key, only when theuser of said telephone has paid for said deciphering key.

This application concerns a machine accessed by a user 7, and designedfor connection to transmitters via packet type communication network 17,characterised in that it incorporates a device only allowing access to aquantifiable protected data set when user 7 has paid the price of thedeciphering key for said data set.

This application concerns an enciphering/deciphering process for aquantifiable data set segmented into a number of parts, designed fortransmission by a transmitter device to a receiver device via a datacommunication network, characterised in that it involves derivation of akey into a number of different keys, and deciphering of each segment ofeach data set by one of said original or derived keys, in such a waythat all deciphering keys are deduced from a single key.

So, the present invention concerns a method for controlling of access bya user 7 to a quantifiable data set 5, 19 received via a receiver device2, 16, designed for connection to a transmitter device 3 for said dataset via a network 4, 17, characterised in that receiver device 2, 16receives said data set 5, 19 from transmitter 3 in at least partiallyenciphered form, and that said receiver device 2, 16 deciphers said dataset by means of a deciphering key which user 7 must purchase.

The present invention concerns also a method for a user 7 to access to aquantifiable data set 5, 19 received via a receiver device 2, 16,designed for connection to a transmitter device 3 for said data set viaa network 4, 17, characterised in that said data set is transmitted bysaid transmitter device without any request from user 7. Said data setis transmitted by said transmitter device during an off-peak period fornetwork 4

Said data set received is segmented into a number of parts, it beingpossible to encipher the parts independently from each other, withcertain parts not necessarily enciphered. Said data set comprises anumber of parts arranged in such a way that each part contains thefollowing parts.

One key or a set of unique keys for each user or group of users of saiddata set is provided, deciphering of said data set differing accordingto said key.

According to another embodiment, a single key or single set of keys isprovided for all users wishing to access said data set.

The process involves derivation of one key into a number of differentkeys, and deciphering of each segment of said data set with one of saidoriginal or derived keys, in such a way that all deciphering keys arededuced from a single key.

The deciphering key is obtained from information received by thereceiver device for calculation of said key, or deciphering of aprotected deciphering key received by the receiver device by anintermediate key held by said receiver devices.

Although specific embodiments of the invention have been described andillustrated, the invention is not to be limited to the specific forms orarrangements of parts so descried and illustrated. The invention islimited only by the claims.

1. A process for a user (7) to access to a value added service (VAS)(5,19) received via a receiver device (2,16), designed for connection toa transmitter device (3) for said VAS via a network (4,17), comprising;transmitting, said VAS by said transmitter device without any requestfrom the user (7); and informing the user of reception of said VAS andproposing to the user execution of an uncoded part, said VAS beingtransmitted in a partially enciphered form.
 2. The process according toclaim 1, wherein said VAS is transmitted by said transmitter deviceduring an off-peak period for network (4).
 3. The process according toclaim 1 or 2 of the preceding claims, wherein said VAS is downloaded tothe receiver device without the user being informed.
 4. The processaccording to claim 3, wherein said receiver device (2,16) receives saidVAS (5,19) from transmitter (3) in at least partially enciphered form,and said receiver device (2,16) deciphers said VAS by means of adeciphering key which user (7) must purchase.
 5. The process accordingto claim 1 or 2, wherein said receiver device (2,16) receives said VAS(5,19) from transmitter (3) in at least partially enciphered form, andsaid receiver device (2,16) deciphers said VAS by means of a decipheringkey which user (7) must purchase.
 6. The process according to claim 1,wherein said VAS is downloaded to the receiver device without the userbeing informed.
 7. The process according to claim 6, wherein saidreceiver device (2,16) receives said VAS (5,19) from transmitter (3) inat least partially enciphered form, and said receiver device (2,16)deciphers said VAS by means of a deciphering key which user (7) mustpurchase.
 8. The process according to claim 1, wherein said receiverdevice (2,16) receives said VAS (5,19) from transmitter (3) in at leastpartially enciphered form, and said receiver device (2,16) decipherssaid VAS by means of a deciphering key which user (7) must purchase. 9.A mobile telephone incorporating a user interface information processingand storage devices, a plurality of devices which inform, through theuser interface, the user of reception of a value added service (VAS)received without any request from the user, said storage devices storingthe received value added service (VAS), and further comprising deviceswhich propose to the user execution of an uncoded part, and wherein saidVAS is being transmitted in a partially enciphered form.
 10. A machineaccessed by a user (7) and designed for connection to transmitterdevices via a network, comprising; devices which inform the user ofreception of a value added service (VAS) received without any requestfrom the user; and devices which propose to the user execution of anuncoded part, wherein said VAS is transmitted in a partially encipheredform.